To receive apologies for absence from Members. 

Apologies for absence were received from Councillor RM Granville.

To receive declarations of personal and prejudicial interest (if any) from Members/Officers in accordance with the provisions of the Members’ Code of Conduct adopted by Council from 1 September 2014.

Councillor JE Lewis declared a prejudicial interest in Agenda item 7., due to the fact that Flying Start was mentioned during debate on this report and her grandson attends Flying Start. Councillor Lewis left the meeting whilst this item was being considered.

To receive for approval the minutes of the Committee of 13/12/18

RESOLVED:                       That the Minutes of a meeting of the Audit Committee dated 13 December 2018, be approved as a true and accurate record.

In relation to the two penultimate paragraphs before the resolution on page 7 of the minutes, the Chairperson wished the Senior Democratic Services Officer – Committees to take up the following outside of the meeting:-

“In respect of the policy of publishing FOI requests and/or responses to these, is this compliant with the Welsh Language Act, which states that the Welsh language should not be treated any less favourably than the English language. And has advice been sought from the Welsh Language Commissioner to ensure that we are compliant, as if not, it could present a risk and as has been stated, a significant cost to the Council?”

To be accompanied by a presentation from the Head of Performance and Partnership Services.

The Head of Performance and Partnerships submitted a report, advising that the Wales Audit Office carried out a fieldwork exercise from May to June 2018, to identify and understand the key digital risks facing Bridgend County Borough Council. The exercise was for planning purposes and the Wales Audit Office shared the key findings with Committee Members on 13 December 2018 (see Appendix 1 to the report). The report before Members detailed a response to such key findings and recommendations.

By way of background information, the Wales Audit Office discussion document presented to the Committee previously covered 7 key areas, as follows:-

1. Digital Strategy and Transformation
2. Website Development – ‘being better connected’
3. Resilience of the ICT infrastructure and platforms
4. IT skills, capacity, capability and resources
5. ICT Disaster Recovery (DR) planning
6. Cyber security and resilience
7. Data protection arrangements and GDPR

The Head of Performance and Partnerships then referred to the report’s current situation, and confirmed that in September 2016, BCBC commenced a project with the digital provider Agilisys, to introduce a single “Digital Platform” (My Account) for customers to interact on-line for key services. He explained that alongside the development of the digital platform, BCBC took the decision to develop and implement a new responsive website in September 2017.

He then went onto explain that the delivery of the Digital Platform was being implemented over two phases, with Phase 1 being the implementation of the Digital Platform running to April 2018. The services delivered were Council Tax and Housing Benefits, as well as the new responsive website.

Phase 2 focused on making available through the Digital Platform, the following services by end of March 2019:-

·       Council Tax (Single Person Discount and Vacant Property Discount)

·       School Admissions

·       Registrars

·       Report IT (Fly Tipping, Highways, Dog Fouling, Street Lighting)

The Platform has provided the opportunity to transform and offer the citizen the choice of consuming a digital channel. Transactions and queries could now be undertaken on a 24/7 basis, negating the need for phone calls and face to face communications.

The Head of Partnerships and Performance then gave a similar resume as that exampled above on the governance of Digital Strategy and Transformation, Website Transactional and Channel Shift Capabilities, GDPR Compliance and Readiness Plans, Council’s IT infrastructure and Network Support, ICT Disaster Recovery (DR) planning and Cyber security and resilience (Public Services Network Code of Connection) and Security Vulnerabilities and/or Risks and relevant time lines for these.

In terms of the report’s financial implications, he finally confirmed that the original Digital Transformation Programme funding of £2.5m was split into £1m for capital expenditure and £1.5m revenue expenditure. This section of the report also included details of spend to date.

In addition to the report, the Head of Partnerships and Performance gave a power point Presentation to explain some of the work undertaken so far and various aims, outcomes and objectives that had either taken place or were being worked upon.

He then responded to a number of questions raised by Members.

A Member raised a  ...  view the full minutes text for item 109.

The Interim Head of Finance submitted a report, the purpose of which, was to provide Members with the outcome of the Corporate Risk Assessment 2019-20 in Appendix A of the report, and inform the Committee of the changes to the Council’s Risk Management Policy in Appendix B and Incident and Near Miss Reporting Procedure in Appendix C.

The report outlined certain background information, confirming in paragraph 3.7, that each year the Council agrees a risk management timeline. This was shown at Appendix 2 within the Corporate Risk Management Policy.

She proceeded to explain, that at present, the Council did not have in place a procedure for the collection of information about incidents and near misses and the investigation of them, in order to ensure that certain lessons are learnt.

The Interim Head of Finance confirmed that the Council’s proposed Incident and Near Miss Reporting Procedure was reported to Senior Management Team on 10 April 2018 and then subsequently to the Audit Committee on 28 June 2018. At that meeting, Members requested that the scoring mechanism be reviewed and that a greater role for Members be considered. Corporate Management Board (CMB) then requested that the procedure be cross referenced with existing Health and Safety Department protocols, to ensure that there was no duplication.

The risk assessment at Appendix A has been reviewed in consultation with Corporate Management Board and the Senior Management Team.  It identified the main risks facing the Council, their link to the priority themes, the likely impact of these on Council services and the wider County Borough, what is being done to manage the risks and where responsibility lies for the Council’s response.  The risk assessment is aligned with the Medium Term Financial Strategy (MTFS).

The Corporate Risk Management Policy at Appendix B has been changed to incorporate a 5 x 5 risk scoring matrix which will be used as standard across the Council.

She added that the Policy has been amended to define risk appetite as “the amount of risk the organisation is prepared to accept, tolerate or be exposed to before it takes protective action.”

The Corporate Management Board has considered the level that the Council’s risk appetite should be set at.  It has agreed that using the 5 x 5 risk scoring matrix, those with a score of 10 or above exceed the Council’s risk appetite.  These being the risks which are designated as high or medium and are coloured red and amber in the risk scoring matrix.

The Corporate Risk Management Policy timeline at Appendix 2 had been amended for 2019-20 and this has been agreed by Corporate Management Board.

The Incident and Near Miss Reporting Procedure at Appendix C had been changed to incorporate the 5 x 5 scoring matrix.

The Interim Head of Finance advised that once a year, it was proposed that Committee considers a report summarising the incidents and near misses recorded and the action taken to prevent a recurrence of these/others. A further report would have to be presented  ...  view the full minutes text for item 110.

The Group Manager and Chief Accountant presented a report, in order to share with Members the proposed Treasury Management Strategy for 2019-20, which included the following:-

• Borrowing Strategy 2019-20
• Investment Strategy 2019-20
• Treasury Management Indicators for 2019-20 to 2021-22

The report outlined certain background information, following which she advised that the Treasury Management Strategy 2019-20 (Appendix A to the report) confirmed the Council’s compliance with the CIPFA Code, which requires that formal and comprehensive objectives, policies and practices, strategies and reporting arrangements are in place for the effective management and control of treasury management activities, and that the effective management and control of risk are the prime objectives of these activities.

The Group Manager and Chief Accountant added that the Treasury Management Strategy 2019-20 was going to be presented to Council for approval in February 2019, and whilst the main body of this will remain unchanged, there may be variations to some of the figures if there are any changes (such as the Capital Programme), to reflect the most up to date information.

She explained that the Strategy had been written in accordance with a new addition that now included the Prudential Indicators being incorporated in the Strategy.

The Group Manager and Chief Accountant added that the Strategy did not presently take account of the Capital Grant the Council would receive in the sum of £1.33m, nor the level of earmarked reserves for Period 9.

She then referred to certain key areas of the Strategy for the benefit of Members and concluded her submission, by confirming that the Strategy had been reviewed by the Council’s Treasury Management advisor’s Arlingclose, who had approved the Strategy without suggesting any amendments to the same.

RESOLVED:                           That Members gave due consideration to the Treasury Management Strategy 2019-20 (Appendix A to the report), further recommending that it be presented to Council for approval at its meeting in February 2019. 

The Chief Internal Auditor presented a report, the purpose of which, was to inform Committee of actual Internal Audit performance against the Audit Plan for the period April to December 2018.

By way of background information, she advised Members that the 2018/19 Internal Audit Plan was previously approved by the Audit Committee at its meeting in April 2018, with the Plan outlining the assignments to be carried out and their respective priorities.

The Plan provided for a total of 1,000 productive days from April 2018 to March 2019, on a Priority 1 and Priority 2 basis.

The Chief Internal Auditor referred Members to Appendix A to the report, which showed actual progress against the 2018/19 Risk Based Plan.

Appendix B contained further information detailing those reviews which have not yet been allocated in the respective quarters and those reviews brought forward from future quarters.

The next section of the report advised that though the Audit Section had been and still did carry some vacant posts, certain new members of staff subsequently recruited had made good progress in their roles, resulting in progression of the Plan. However, in order to ensure that a significant proportion of the Annual Plan is completed by the end of the financial year, the services of the South West Audit partnership had required to be commissioned.

In order to assist with the effective monitoring of the annual risk based plan, further information was attached at Appendix C. This showed all the reviews which had been completed during the period, together with their performance.

RESOLVED:                        That Members give due consideration to the Internal Audit Outturn Report covering the period April to December 2018, to ensure that all aspects of their core functions are being adequately reported.

The Chief Internal Auditor submitted a report, which provided Members with an update on the Council’s overarching Corporate Fraud Framework in accordance with the functions of the Audit Committee, as outlined in their Terms of Reference.

The report outlined certain background information and confirmed that one of the core functions of an effective Audit Committee, was ‘to consider the effectiveness of the Council’s Risk Management arrangements, the control environment and associated anti-fraud and corruption arrangements.’

The Chief Internal Auditor confirmed that a review had been undertaken based on the good practice identified in the Local Government Fraud Strategy. This included an assessment of how well the Council acknowledged the risk of fraud and how it prevents, detects and pursues monies or assets obtained fraudulently.

Attached as Appendices to the report were the following documents:-

• Appendix A – Fraud Strategy and Framework 2018/19 to 2020/21 (with accompanying Action Plan);
• Appendix B – Updated Anti-Fraud and Bribery Strategy (prior to being submitted to Cabinet for approval)
• Appendix C – Anti-Money Laundering Policy (prior to being submitted to Cabinet for approval)

A Member referred to page 152 of the report, paragraph 2.4 and examples of the different forms of Money Laundering and in terms of the fifth bullet point, she felt that the first two words in this paragraph, ie ‘tipping off’ should be deleted from the Policy. This was agreed to in principle.

RESOLVED:                           (1) That Members noted the Fraud Strategy and Framework 2018/19 to 2020/21.

                                                (2) That Members accepted the content of the Anti-Fraud and Bribery Strategy as set out in Appendix B of the report, and noted that that this would be referred to Cabinet for approval.

                                                 (3) That Members have regard to the content  of the Anti-Money Laundering Policy as set out in Appendix C of the report, and noted that it will be referred to Cabinet for approval.

The Chief Internal Auditor submitted a report, the purpose of which, was to present to Audit Committee the updated Forward Work Programme 2018-19, as appended to the report.

RESOLVED:                        That Members considered and noted the updated Forward Work Programme for 208/19.

To consider any other items(s) of business in respect of which notice has been given in accordance with Rule 4 of the Council Procedure Rules and which the person presiding at the meeting is of the opinion should by reason of special circumstances be transacted at the meeting as a matter of urgency.

None.

The Interim Head of Finance and S151 Officer advised Members that this was the Chief Internal Auditor’s last meeting of the Audit Committee before she was due to retire.

She advised that she had the pleasure of working with her in both her current role and previously in an audit role, and commended her for her professionalism and dedication to her work over the last 28 years of local government, 10 of which she had been the Head of Internal Audit in BCBC and the Vale of Glamorgan Council.

The Chief Internal Auditor had assisted greatly in the merger and support of the Internal Audit Shared Service with the Vale of Glamorgan Council, which since has been expanded further to include other neighbouring authorities.

Together with the Chairperson and on behalf of Members and Officers, the Interim Head of Finance and S151 Officer wished her a very happy and healthy retirement, thanking her for the total commitment she had shown in her role since she had been in BCBC and latterly part of the Shared Service.